Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

[Bernd Petrovitsch]

Hi all!

On 17/10/2018 19:36, Dino Edwards wrote:
[...]
> "Hey I noticed the "-" prefix in "ExecStartPre=-/bin/mkdir /run/clamav" line. 
> This does not indicate a problem, but rather a warning letting you know that 
> the directory already exists. You don't have anything to worry about"

FWIW but changing that to "ExecStartPre=/bin/mkdir -p /run/clamav"
should silence the "directory already exists" case (and it doesn't
return an error value).

MfG,
Bernd
-- 
Bernd Petrovitsch  Email : be...@petrovitsch.priv.at
 LUGA : http://www.luga.at
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Freshclam can't use HTTPS with PrivateMirror?

[G.W. Haywood]

Hi there,

On Wed, 17 Oct 2018, Sean wrote:


We have created a private mirror of clam data updates on a network
that is not Internet connected.  We are required to encrypt network
traffic, e.g. the mirror server must redirect http -> https.


This all seems a little strange.  Perhaps you can explain.


... freshclam ... port is hard coded to 80.

Is there a reason for this?  Should I file a bug?  I would think that
utilizing https as much as possible would be a good idea.


There's nothing remotely private about a *public* database of malware
signatures, so (especially on a network that is not connected to the
Internet!) it makes very little sense to encrypt freshclam's traffic.
You might as well encrypt Sky News.  It would just mean a lot of extra
work/code/issues/cycles for no purpose, diverting scarce resources from
where they're actually needed.  Don't do it.

Will your accountants want you to encrypt NTP traffic too?  Oh - your
network isn't connected to the Internet anyway, so it won't know what
time it is, and so it can't decide when to do, well, anything, and the
timestamps in the logs will just be guesses, so forensics is right off
the menu and if you use Kerberos then it probably won't be long before
nobody will be able to log in, and...

Tell them it's a lot better to let you apply your intelligence to this
stuff than to get you running around in circles doing so many things
that make no sense that you have no time to implement real security.

--

73,
Ged.
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

[Dino Edwards]

Ok thanks! You really need to work on your social skills though. Here's how 
NORMAL people (i.e. people NOT in the autistic spectrum) would have handled 
this:

YOU:
"Hey I noticed the "-" prefix in "ExecStartPre=-/bin/mkdir /run/clamav" line. 
This does not indicate a problem, but rather a warning letting you know that 
the directory already exists. You don't have anything to worry about"

ME:
"Thanks! I appreciate you looking at it. You are awesome!"

See? It's simple. Just don't be a dick! Give it a try.

Thanks again!

Dino






-Original Message-
From: Reindl Harald [mailto:h.rei...@thelounge.net] 
Sent: Wednesday, October 17, 2018 1:08 PM
To: ClamAV users ML ; Dino Edwards 

Subject: Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: 
File exists



Am 17.10.18 um 18:21 schrieb Dino Edwards:
> ExecStartPre=-/bin/mkdir /run/clamav
> ExecStartPre=/bin/chown clamav /run/clamav

you don't get an error, an error is when the service don't start

"If I delete the /var/run/clamav directory, I don’t get the error, but if I 
restart clamd again I get the error again. I’m not sure what the problem is" - 
idiot there is no problem

"ExecStartPre=-/bin/mkdir /run/clamav" is prefixed with - so that the service 
don't fail in case the directory exists and "mkdir" natuarlly fails when a 
directory already exists

when you delete the directory - guess what - it get created and no warning - 
frankly this is not a clamav topic at all but lack of basic understanding of 
your system
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

[Dino Edwards]

Hi Kris thanks for trying to help,

Here you go:

dpkg -L clamav-daemon |grep system

/lib/systemd
/lib/systemd/system
/lib/systemd/system/clamav-daemon.service

cat /lib/systemd/system/clamav-daemon.service

[Unit]
Description=Clam AntiVirus userspace daemon
Documentation=man:clamd(8) man:clamd.conf(5) https://www.clamav.net/documents/
# Check for database existence
ConditionPathExistsGlob=/var/lib/clamav/main.{c[vl]d,inc}
ConditionPathExistsGlob=/var/lib/clamav/daily.{c[vl]d,inc}

[Service]
ExecStart=/usr/sbin/clamd --foreground=true
# Reload the database
ExecReload=/bin/kill -USR2 $MAINPID
StandardOutput=syslog

[Install]
WantedBy=multi-user.target

cd /etc/systemd/system/clamav-daemon.service.d
root@hermes:/etc/systemd/system/clamav-daemon.service.d# ls
extend.conf
root@hermes:/etc/systemd/system/clamav-daemon.service.d# cat extend.conf
[Service]
ExecStartPre=-/bin/mkdir /run/clamav
ExecStartPre=/bin/chown clamav /run/clamav



-Original Message-
From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of 
Kris Deugau
Sent: Wednesday, October 17, 2018 10:38 AM
To: ClamAV users ML 
Subject: Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: 
File exists

Dino Edwards wrote:
> Answering my own question on the /var/run and the /run directories. 
> There is a link between the two, I just didn’t go up a level in the 
> directory structure. The question about the error still remains though.

The chown and mkdir look a bit suspect to me;  I'm not seeing anything like 
that in the Debian packages (which should be mostly the same in Ubuntu).  What 
I *do* see in one of the stock files
(/lib/systemd/system/clamav-daemon.socket) is this stanza:

[Socket]
ListenStream=/run/clamav/clamd.ctl
#ListenStream=127.0.0.1:1024
SocketUser=clamav
SocketGroup=clamav
RemoveOnStop=True

which if I understand correctly, implies that clamd on this system is using 
systemd's socket creation/handling voodoo rather than doing so itself.

Can you post:

- Output from  "dpkg -L clamav-daemon |grep system"

- Contents of any .service or .socket files from the above list

- Contents of any files in /etc/systemd/system/clamav-daemon.service.d


> Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; 
> vendor preset: enabled)
> 
>    Drop-In: /etc/systemd/system/clamav-daemon.service.d
> 
>     └─extend.conf

This seems to indicate that you're not using the stock systemd service 
definitions from Ubuntu/Debian upstream.

-kgd
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

[Dino Edwards]

@ GBlorst Thanks for the heads up. I’m going to try and stop feeding the troll.

From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of
Sent: Wednesday, October 17, 2018 10:47 AM
To: clamav-users@lists.clamav.net
Subject: Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: 
File exists


Hi, Dino.

Reindl is a scared little boy. This is normal behavior for him. He has low-self 
esteem and needs to make his little boy self feel better. Don't worry about him.
Ignore him and he will go away!

He has been banned from many lists for his childish behavior!

Bye Bye Reindl.

GBlorst


How about you contribute something of value to this discussion instead of a 
link about how this was added in Linux 7 years ago so you can show everyone how 
clever you are.



Do I really need to know the history of this change? No, I was able to figure 
it out and I posted that with my 2nd post.



The main issue still remains, "/bin/mkdir: cannot create directory 
‘/run/clamav’: File exists". Do you have any insight on that? I'm thinking no?



Thanks











-Original Message-

From: Reindl Harald [mailto:h.rei...@thelounge.net]

Sent: Wednesday, October 17, 2018 8:29 AM

To: ClamAV users ML 
; Dino 
Edwards 

Subject: Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: 
File exists


Take your old mailboxes with you. Free, fast and secure: eclipso Mail & 
Cloud. Time to change!.
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

[Dino Edwards]

Get real. When I and others called you out, you decided to put a little more 
detail to cover the obvious fact that you were just trying to be a dick.

The important thing you fail to understand that I did NOT write the script to 
start the service. So any "mkdir/chown dance" as you put it, was NOT done by 
me, but rather the package maintainer. This USED to work in previous 
Ubuntu/clamd version, now it no longer works. So, I'm trying to figure out why 
it's not working and if I should bring this up in the appropriate Ubuntu forum.

Your link and "contribution" continues to be void of any value and substance in 
this discussion.

So, I'm going to stop feeding this troll.




-Original Message-
From: Reindl Harald [mailto:h.rei...@thelounge.net] 
Sent: Wednesday, October 17, 2018 11:39 AM
To: ClamAV users ML ; Dino Edwards 
; gblo...@eclipso.eu
Subject: Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: 
File exists



Am 17.10.18 um 14:33 schrieb Dino Edwards:
> How about you contribute something of value to this discussion instead of a 
> link about how this was added in Linux 7 years ago so you can show everyone 
> how clever you are. 

i contributed the link which explains how these folders are supposed to get 
created at boot and any mkdir/chown dance is plain wrong - it's not my fault 
that you don't recognize input when you get it 
https://www.freedesktop.org/software/systemd/man/tmpfiles.d.html

and if one insists in "ExecStartPre=/bin/mkdir /run/clamav" he should make it 
proper as "ExecStartPre=-/bin/mkdir /run/clamav" which don't fail the whole 
service in case the directory already exists

> -Original Message-
> From: Reindl Harald [mailto:h.rei...@thelounge.net]
> Sent: Wednesday, October 17, 2018 8:29 AM
> To: ClamAV users ML ; Dino Edwards 
> 
> Subject: Re: [clamav-users] /bin/mkdir: cannot create directory 
> ‘/run/clamav’: File exists
> 
> 
> Am 17.10.18 um 13:12 schrieb Dino Edwards:
>> Good morning? 
> 
> what about read posted links and don't strip context?
> 
> /run was introduced 7 years ago and the discussion about it made it to 
> every it news portal and that's what i mean when somebody is surprised 
> that /run is a tmpfs available at early boot which also means you need 
> to make sure folders there are created at boot
> 
> https://www.freedesktop.org/software/systemd/man/tmpfiles.d.html
> 
>> Am 16.10.18 um 19:12 schrieb Dino Edwards:
>>> good morning in 2018
> 
> 
>  Weitergeleitete Nachricht 
> 
> Am 16.10.18 um 19:12 schrieb Dino Edwards:
>> Answering my own question on the /var/run and the /run directories.
>> There is a link between the two
> good morning in 2018
> 
> http://www.h-online.com/open/news/item/Linux-distributions-to-include-
> run-directory-1219006.html
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] Freshclam can't use HTTPS with PrivateMirror?

[Sean]

Hi,
I'm new to the list, but have been using clam for a good while, it's
just always worked :)

We have created a private mirror of clam data updates on a network
that is not Internet connected.  We are required to encrypt network
traffic, e.g. the mirror server must redirect http -> https.  I was
hoping to configure freshclam.conf to use the PrivateMirror setting as
detailed at 
https://github.com/Cisco-Talos/clamav-faq/blob/master/mirrors/CvdPrivateMirror.md
Option #2.  We wish to go with #2, because we will not control all
clients, and it will be simpler to user freshclam with proper
configuration than having to support clients configuring a custom
script and having the right things installed to run it.

I see in the code
(https://github.com/Cisco-Talos/clamav-devel/blob/dev/0.101/freshclam/manager.c#L225)
that unless a proxy is used, the port is hard coded to 80.

Is there a reason for this?  Should I file a bug?  I would think that
utilizing https as much as possible would be a good idea.

Thanks!

--Sean
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

Hi, Dino.Reindl is a scared little boy. This is normal behavior for him. He has low-self esteem and needs to make his little boy self feel better. Don't worry about him.Ignore him and he will go away!He has been banned from many lists for his childish behavior!Bye Bye Reindl.GBlorstHow about you contribute something of value to this discussion instead of a link about how this was added in Linux 7 years ago so you can show everyone how clever you are. 

Do I really need to know the history of this change? No, I was able to figure it out and I posted that with my 2nd post. 

The main issue still remains, "/bin/mkdir: cannot create directory ‘/run/clamav’: File exists". Do you have any insight on that? I'm thinking no?

Thanks





-Original Message-
From: Reindl Harald [mailto:h.rei...@thelounge.net] 
Sent: Wednesday, October 17, 2018 8:29 AM
To: ClamAV users ML ; Dino Edwards 
Subject: Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

  Take your old mailboxes with you. Free, fast and secure: eclipso Mail & Cloud. Time to change!.


___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

[Kris Deugau]

Dino Edwards wrote:
Answering my own question on the /var/run and the /run directories. 
There is a link between the two, I just didn’t go up a level in the 
directory structure. The question about the error still remains though.


The chown and mkdir look a bit suspect to me;  I'm not seeing anything 
like that in the Debian packages (which should be mostly the same in 
Ubuntu).  What I *do* see in one of the stock files 
(/lib/systemd/system/clamav-daemon.socket) is this stanza:


[Socket]
ListenStream=/run/clamav/clamd.ctl
#ListenStream=127.0.0.1:1024
SocketUser=clamav
SocketGroup=clamav
RemoveOnStop=True

which if I understand correctly, implies that clamd on this system is 
using systemd's socket creation/handling voodoo rather than doing so itself.


Can you post:

- Output from  "dpkg -L clamav-daemon |grep system"

- Contents of any .service or .socket files from the above list

- Contents of any files in /etc/systemd/system/clamav-daemon.service.d


Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; 
vendor preset: enabled)


   Drop-In: /etc/systemd/system/clamav-daemon.service.d

    └─extend.conf


This seems to indicate that you're not using the stock systemd service 
definitions from Ubuntu/Debian upstream.


-kgd
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

[Dino Edwards]

How about you contribute something of value to this discussion instead of a 
link about how this was added in Linux 7 years ago so you can show everyone how 
clever you are. 

Do I really need to know the history of this change? No, I was able to figure 
it out and I posted that with my 2nd post. 

The main issue still remains, "/bin/mkdir: cannot create directory 
‘/run/clamav’: File exists". Do you have any insight on that? I'm thinking no?

Thanks





-Original Message-
From: Reindl Harald [mailto:h.rei...@thelounge.net] 
Sent: Wednesday, October 17, 2018 8:29 AM
To: ClamAV users ML ; Dino Edwards 

Subject: Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: 
File exists



Am 17.10.18 um 13:12 schrieb Dino Edwards:
> Good morning? 

what about read posted links and don't strip context?

/run was introduced 7 years ago and the discussion about it made it to every it 
news portal and that's what i mean when somebody is surprised that /run is a 
tmpfs available at early boot which also means you need to make sure folders 
there are created at boot

https://www.freedesktop.org/software/systemd/man/tmpfiles.d.html

> Am 16.10.18 um 19:12 schrieb Dino Edwards:
>> good morning in 2018


 Weitergeleitete Nachricht 

Am 16.10.18 um 19:12 schrieb Dino Edwards:
> Answering my own question on the /var/run and the /run directories.
> There is a link between the two
good morning in 2018

http://www.h-online.com/open/news/item/Linux-distributions-to-include-run-directory-1219006.html
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

[Dino Edwards]

Good morning? 

Am 16.10.18 um 19:12 schrieb Dino Edwards:
> good morning in 2018

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml